Keep me going

Category: Java

There are plenty of online tutorials showing how to create database-based authentication for Spring. Some of them use SQL query to authenticate user and retrieve its roles, some use DAO… but none of them worked well for me and all of them had some major problems, even like SQL Injection. So, in this post I will explain my approach and present final solution with a database (MySQL), User and Role class and UserDetailsService implementation.

The goal is to create basic webpage with login form and signup form (which includes fields validation) that handles different roles. Then, you and me can use it as a template project.

This tutorial doesn’t include steps how to setup your IDE and build environment. We’re going straight to code, and I will try to avoid as much boilterplate as possible, so the code won’t include getters and setters. If you still write them by hand, time to learn about Lombok project (which I use here) or any other code generator.

Everyone knows it’s important to keep dependencies up to date. The risks of not updating them are very often high: you risk losing your data or data of your customers, being part of a botnet or simply getting hacked by script kiddies replacing your frontpage with something shameful.
Not everyone knows how easy it is to keep your dependencies up to date with gradle. Both gradle and maven have plugins to check for updates in your list of dependencies.

When using official Tomcat server from Docker Hub you will face a problem with opening management UI, because there is no default login or password in that docker image, so the only app management site you can visit is this one:

And because Tomcat doesn’t have user management built-in like other container managers – it loads users and passwords from conf/tomcat-users.xml file, it makes it more complicated to start with Tomcat than with other container managers like Wildfly.

The Tomcat Docker image comes without nano, vi or vim… so you can’t easily edit that file, but hopefully it comes with.. sed. And that’s good enough to add new users and roles to the file! Remember the times when you didn’t see the file you were editing when you when typing, until vi came out of course?

To be able to access two databases in SpringBoot you must define two data sources. In my case I had one database for identity details of users, like username, name, email, address etc. and second database for everything else.

You have to define one @Configuration class for each database and each class will wired its own datasource to services (like JpaRepository or CrudRepository) to defined packages.

In my spare time I develop applications on Android. I also “maintain” F-Droid repository for some of my public projects. I wanted to automatically publish each build after:

Compilation passed

Test on a connected device passed

Signed build completed

So I made a simple setup with help of GitLabCI and own F-Droid repository. This post does not describe how to configure F-Droid repository or configuration of GItLabCI-runner, because official documentation is much better than I could write it. This post just describes how I use both services to automate boring deployment.

GtiLabCI is run on your own hardware, so it can have access to your files, configuration etc. It’s an advantage over Travis, as you can run any custom command, like testing on connected device or on pre-configured emulator, connected to remote hosts where CI slave is on a trusted machine.

My major project in Java (Android) involved image manipulation where I used JHLabs. I found there was no easy way to add JHLabs support for Android without extracting sources and manually adding them to the project. So there it is now: https://gitlab.com/agilob/JHLabs_android

It’s compatible with gradle build system, so you can easily add it to your gradle project.